The Department of Information Technology, Government of India issued a discussion draft on National Cyber Security Policy (pdf) on 26th March 2011 and invited comments on it. In our opinion this draft of the national policy is a considerable initial step and the government should be commended for being attuned to the threats and challenges facing the management of cyberspace and taking steps to address them. We feel that the document substantially addresses several areas and processes related to cyber security, particularly incident response, vulnerability management and infrastructure security.

However, we have identified some areas of improvement, including scope, ownership, resource allocation and management, technical and non-technical controls, which we present for the government’s consideration. This Takshashila policy advisory document (pdf) provides comments and feedback on the draft.

Feel free to provide your input on the original discussion draft or our response to it, in the comment section below.